fixup some final pages

lf- 2021-03-09 04:32:42 -08:00
parent 94e44e406b
commit 7555f3bbcb
3 changed files with 14 additions and 14 deletions


@ -22,7 +22,7 @@ place for Saskatchewan.
Other than robotics, I am most interested in Rust and embedded systems, Other than robotics, I am most interested in Rust and embedded systems,
especially the security thereof. especially the security thereof.
To contact me, email `jade` at this domain (`LFCODE` dot ca). To contact me, email `jade` at this domain (jade dot fyi).
Jade Jade
she/they she/they
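Review bot: the contact line on this hunk's right side drops the code formatting around the domain, so the result reads "email `jade` at this domain (jade dot fyi)" with the user part as a code span and the domain as plain text; the old side formatted the domain in backticks too. Pick one style for both halves of the address (either `jade` at `jade` dot `fyi` or all plain), since a reader assembling the address from the obfuscated form benefits from seeing the literal parts marked the same way.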


@ -157,15 +157,15 @@ the PID since it would have been returned from fork and it is logged by the
suspicious `printf`. As it turned out, it was indeed on the stack, so I wrote suspicious `printf`. As it turned out, it was indeed on the stack, so I wrote
some evil inline assembly to get the value pointed to by `rbp - 0x4`. some evil inline assembly to get the value pointed to by `rbp - 0x4`.
The next step was to construct the path. I was unsure of the availability of C The next step was to construct the path. I was unsure of the availability of
string and `itoa`-like functions in the environment, given that there is no C string and `itoa`-like functions in the environment, given that there is no
standard library present, so I just wrote some. An interesting optimization of standard library present, so I just wrote some. An interesting optimization
this nicked from [later rewriting the exploit in of this nicked from [later rewriting the exploit in
Rust](https://lfcode.ca/blog/writeonly-in-rust) is that my `itoa` goes Rust](/blog/writeonly-in-rust) is that my `itoa` goes backwards, writing into
backwards, writing into a with a buffer containing extra slashes that will a with a buffer containing extra slashes that will otherwise be ignored by
otherwise be ignored by the OS. This cut my executable size about in half by the OS. This cut my executable size about in half by not having to reverse
not having to reverse the string or perform string copies as one would have to the string or perform string copies as one would have to do in a normal
do in a normal `itoa`. `itoa`.
```c ```c
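Review bot: the rewrapped paragraph still carries the pre-existing wording error "writing into a with a buffer containing extra slashes that will otherwise be ignored by the OS"; since these lines are being rewritten anyway, fix it in the same commit, e.g. "writing backwards into a buffer pre-filled with extra slashes that the OS will otherwise ignore". That sentence is the one that explains why the reverse `itoa` is safe (the leading slashes left in front of the digits are collapsed during path resolution), so it should read cleanly. The link change from https://lfcode.ca/blog/writeonly-in-rust to /blog/writeonly-in-rust matches the domain move in the first file.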


@ -6,11 +6,11 @@ tags = ["ctf", "rust", "osdev"]
title = "Writing shellcode in Rust" title = "Writing shellcode in Rust"
+++ +++
In my [Google CTF entry for `writeonly` this year](https://lfcode.ca/blog/gctf-2020-writeonly), In my [Google CTF entry for `writeonly` this year](/blog/gctf-2020-writeonly),
I wrote my first stage shellcode in C, which was somewhat novel in and of I wrote my first stage shellcode in C, which was somewhat novel in and of
itself, as it seemed like few people were willing to brave linker scripts to be itself, as it seemed like few people were willing to brave linker scripts to
able to write shellcode in C. My hubris does not stop at C, however, and the be able to write shellcode in C. My hubris does not stop at C, however, and
crab language seemed well suited for a port. the crab language seemed well suited for a port.
[Source code here](https://github.com/lf-/ctf/tree/main/writeonly.rs) [Source code here](https://github.com/lf-/ctf/tree/main/writeonly.rs)
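Review bot: the gctf-2020-writeonly link becomes site-relative (/blog/gctf-2020-writeonly) while the GitHub source link on the last line stays absolute. Relative URLs inside post bodies resolve fine on the site itself but break in RSS/Atom readers and on any mirror that serves the content from another origin unless the site generator rewrites them to absolute at build time; confirm the generator does that for feed output, or keep absolute URLs on the new domain for cross-post links. The same applies to the /blog/writeonly-in-rust link in the previous file.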